Platform
other
Component
sinvr-sivms-video-server
Fixed in
5.0.0
CVE-2019-18339 describes an authentication bypass vulnerability affecting SiNVR/SiVMS Video Server versions prior to 5.0.0. The flaw resides in the product's HTTP service (default port 5401/tcp) and can be exploited even when authentication is enforced. A remote attacker with network access to that service can read the entire SiNVR/SiVMS user database, including the passwords of all users, which are stored in obfuscated cleartext: obfuscated rather than hashed, so they are recoverable. A fix is available in version 5.0.0.
The primary impact of CVE-2019-18339 is unauthorized disclosure of user credentials. An attacker exploiting this vulnerability bypasses authentication and reads the SiVMS/SiNVR user database directly, obtaining every account and its password in a reversible, obfuscated form. With those credentials the attacker can then log in to the video surveillance system as a legitimate user, which can lead to complete compromise of the system: viewing live feeds, modifying or deleting recordings, and potentially reaching other devices the Video Server is connected to. Because the passwords are recoverable rather than hashed, any password reused elsewhere in the environment becomes a lateral movement path, so the exposure is not limited to the Video Server itself.
CVE-2019-18339 was publicly disclosed on December 12, 2019. No active exploitation campaigns have been confirmed, but the vulnerability requires no credentials or user interaction and exposes highly sensitive data, which makes it an attractive target. The CVSS base score of 9.8 (CRITICAL) reflects this. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
Exploit Status
EPSS
0.26% (50th percentile)
CVSS Vector
The primary mitigation for CVE-2019-18339 is to upgrade SiNVR/SiVMS Video Server to version 5.0.0 or later. If upgrading is not immediately feasible, restrict network access to the Video Server: place it in its own segment and configure firewall rules so that inbound traffic to port 5401/tcp is accepted only from trusted sources. This is a compensating control, not a fix, since any host that can still reach the port can exploit the flaw. Monitoring for connections to port 5401/tcp from outside the trusted set provides an early warning of exploitation attempts. After upgrading, verify the fix from a test host by requesting the Video Server's HTTP service on port 5401/tcp without credentials; the request must be rejected. Because the vulnerability exposes every stored password, treat all Video Server credentials as potentially compromised: rotate them after upgrading, and change any of those passwords that were reused on other systems.
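The two checks described above, written out as an added example (this is not code from the advisory or from the vendor): a detector that flags inbound connections to 5401/tcp from outside an allow-list of trusted networks, applied to netfilter-style firewall LOG lines constructed for the example, and a post-upgrade probe that sends one credential-less request to the HTTP service and classifies the reply. The request path "/" and the rule that 401/403 means authentication is enforced are assumptions; the advisory does not name the affected endpoint, so a 200 from this probe means "investigate", not "exploitable".

```python
"""Added example for CVE-2019-18339 on a SiNVR/SiVMS Video Server.

1. detect_untrusted_5401(): scan Linux netfilter LOG lines (SRC=, DST=,
   PROTO=, DPT= fields) for TCP connections to the Video Server's HTTP
   port (5401/tcp, per the advisory) from outside trusted networks.
   The log lines and addresses below are constructed for this example.
2. classify_unauthenticated_response() / probe_auth_enforced(): after
   upgrading, GET the HTTP service without credentials and check that it
   is refused. Path "/" and the status-code rules are assumptions.
"""
import ipaddress
import re
import urllib.error
import urllib.request

VIDEO_SERVER_PORT = 5401  # default HTTP port named in the advisory

# key=value fields as written by the netfilter LOG target
_KV = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")


def parse_netfilter_log(line):
    """Return {'SRC','DST','PROTO','DPT'} for one LOG line, or None if a field is missing."""
    fields = dict(_KV.findall(line))
    if not all(k in fields for k in ("SRC", "DST", "PROTO", "DPT")):
        return None
    return fields


def detect_untrusted_5401(lines, trusted_cidrs, port=VIDEO_SERVER_PORT):
    """Return (src, dst) pairs for TCP connections to `port` whose source is
    not inside any of the trusted CIDRs. Non-TCP traffic and other ports are ignored."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    alerts = []
    for line in lines:
        f = parse_netfilter_log(line)
        if f is None or f["PROTO"] != "TCP" or int(f["DPT"]) != port:
            continue
        src = ipaddress.ip_address(f["SRC"])
        if not any(src in net for net in trusted):
            alerts.append((f["SRC"], f["DST"]))
    return alerts


def classify_unauthenticated_response(status, headers=None):
    """Interpret the reply to a credential-less request (assumed rules for this example):
    401/403 -> authentication enforced; 200 -> content served without credentials,
    investigate; anything else -> inconclusive (e.g. redirect, 404, 5xx)."""
    if status in (401, 403):
        return "enforced"
    if status == 200:
        return "unauthenticated-access"
    return "inconclusive"


def probe_auth_enforced(host, port=VIDEO_SERVER_PORT, path="/", timeout=5):
    """Send one GET with no credentials and classify the result.
    Performs a network request; it is only called explicitly, never at import."""
    url = f"http://{host}:{port}{path}"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return classify_unauthenticated_response(resp.status, resp.headers)
    except urllib.error.HTTPError as err:  # 4xx/5xx arrive here
        return classify_unauthenticated_response(err.code, err.headers)


# Constructed sample: 10.10.20.0/24 is the trusted operator network,
# 10.10.30.5 is the Video Server, 192.0.2.77 is an untrusted source.
SAMPLE_LOG = """\
Dec 12 10:01:02 fw kernel: IN=eth0 OUT= SRC=10.10.20.15 DST=10.10.30.5 PROTO=TCP SPT=50211 DPT=5401 SYN
Dec 12 10:01:09 fw kernel: IN=eth0 OUT= SRC=192.0.2.77 DST=10.10.30.5 PROTO=TCP SPT=41000 DPT=5401 SYN
Dec 12 10:01:15 fw kernel: IN=eth0 OUT= SRC=192.0.2.77 DST=10.10.30.5 PROTO=TCP SPT=41001 DPT=443 SYN
Dec 12 10:01:20 fw kernel: IN=eth0 OUT= SRC=10.10.20.16 DST=10.10.30.5 PROTO=UDP SPT=5353 DPT=5401
""".splitlines()
TRUSTED_NETWORKS = ["10.10.20.0/24"]

if __name__ == "__main__":
    for src, dst in detect_untrusted_5401(SAMPLE_LOG, TRUSTED_NETWORKS):
        print(f"ALERT: {src} -> {dst}:{VIDEO_SERVER_PORT} from outside trusted networks")
    # After upgrading to V5.0.0 or later, run against the real server (assumed address):
    # print(probe_auth_enforced("10.10.30.5"))
```

On the constructed sample only the second line is flagged: the first comes from the trusted network, the third targets 443/tcp, and the fourth is UDP. The probe deliberately reports "inconclusive" for redirects and errors rather than guessing, so a login-page redirect still needs a manual look.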
Update SiNVR/SiVMS Video Server to version 5.0.0 or later. This corrects the authentication bypass vulnerability in the HTTP service.
CVE-2019-18339 is a critical vulnerability allowing attackers to bypass authentication and access user credentials in SiNVR/SiVMS Video Server versions before 5.0.0.
You are affected if you run any SiNVR/SiVMS Video Server version prior to 5.0.0; the vulnerability is present regardless of whether authentication is enabled on the HTTP service.
Upgrade SiNVR/SiVMS Video Server to version 5.0.0 or later to remediate the vulnerability. Until then, restrict access to port 5401/tcp through network segmentation and firewall rules as a temporary workaround, and rotate Video Server credentials after upgrading since they may already have been read.
While no confirmed active exploitation campaigns are publicly known, the vulnerability's severity and ease of exploitation suggest it remains a potential target.
Refer to the Siemens ProductCERT advisory for SiNVR/SiVMS Video Server (SSA-761844), which covers CVE-2019-18339, for details and updates, and check the vendor's security advisories for the latest information.